Ransomware is currently one of the most prominent cyberthreats for organizations. Small- and medium-sized enterprises are particularly vulnerable to ransomware victimization and more inclined toward paying the ransom. However, while a few studies have been conducted on victimization of ransomware, little is known about how small- and medium-sized enterprises respond to victimization and what factors contribute to the decision to pay the ransom. This study uses a survey with a vignette experiment conducted among 445 owners and managers of Dutch small- and medium-sized enterprises to gain more insight into the factors that are related to the decision to pay the ransom in the event of ransomware victimization. Findings show that the likelihood that the ransom is paid is low. While the affordability of the ransom demand seems unrelated to the likelihood of paying, being advised by a cybersecurity company to pay the ransom and not having a back-up significantly increases the likelihood of the ransom being paid. The findings provide insight into factors that make ransomware victims vulnerable to extortion. Furthermore, implications for how ransomware attacks can be mitigated are discussed.
Matthijsse, S. R., Moneva, A., van ’t Hoff-de Goede, M. S., & Leukfeldt, E. R. (2024). Examining ransomware payment decision-making among small- and medium-sized enterprises. European Journal of Criminology, 22(4), 625-645. https://doi.org/10.1177/14773708241285671 (Original work published 2025)
Document
OpenAccess
